InfoSec News

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Infosec trends for 2013
Technology Spectator
When it comes to cyber security separating fact from fiction is never as easy as it seems. Given the hysterics many security software vendors are prone to it's easy to see why many a pertinent point is often lost in the noise. While this noise will no ...

Speaking at the company's first user conference, Amazon Web Services CISO Stephen Schmidt said security in the cloud is a shared responsibility.

A group of current and former contractors at NASA's Jet Propulsion Laboratory are considering whether to file a lawsuit due to the possible exposure of personal information stored on an agency laptop stolen from a locked car, their lawyer said Wednesday.
Worldwide server shipments went up in the third quarter of 2012, but revenue from those sales dropped due to economic uncertainty in some parts of the world, research firm Gartner said in a study released on Wednesday.

McAfee released an extra dat this morning https://kc.mcafee.com/corporate/index?page=contentid=KB76807 for W32/Autorun.worm.aaeb-h

We've received a few emails relating to this, mainly because the formatting on some of the emails wasn't quite what people were expecting. As far as I can tell it is legit. I haven't found any evilness in the PDF linked to from the KB (at least there wasn't anything to find when I checked).

The KB also has an updated stinger file to remove the worm from the machine.

If you have the issue at the moment you may want to apply the DAT, but otherwise you may wish to wait until it rolls out as part of the normal update cycle. In the meantime have a read of the KB and associated info and that will give you some info on determining if you have the issue in your network.

If you have been infected the malware guys and gals always enjoy plucking things apart so upload it via the contact form (zip file with a password of infected please).


Microsoft's next OS update for Windows Phone 7 handsets won't be available until sometime in 2013.
Google CEO Larry Page met with officials from the FTC this week in an attempt to convince regulators that the company hasn't broken antitrust laws, reports say.
Despite calls for Facebook to stop planned changes to the way it makes privacy policy, analysts are divided over how bad the changes would be for users.
SAP and a financial analyst are at loggerheads over a recent report by the analyst, which said that a handful of customers had received substantial discounts on their software maintenance renewals.
Microsoft will speed up the release cadence of Windows, starting in 2013, to issue annual OS upgrades, according to reports on the Web today.
Like all malls in the United States, the Arden Fair Mall in Sacramento is being overrun with shoppers as the holiday season kicks into high gear.
Amazon CEO Jeff Bezos will headline this week's first-ever AWS re:Invent cloud computing conference, where several sessions will cover security issues.

The Romanian domain names of Google, Yahoo, Microsoft, Kaspersky Lab and other companies were hijacked on Wednesday and were redirected to a hacked server in the Netherlands.
Adding to an already considerable set of cloud IT offerings, Amazon has introduced a hosted data warehouse service called Redshift, pitching it as a lower-cost alternative to on-premise data warehouse deployments.
Reader Jeff Adelson scratches his head over a FireWire issue. He writes:
You have no doubt watched the rise of Pinterest, the latest social media phenom. But have you switched to the new Pinterest Business Pages? Here's how to do it, plus details on its other exclusive features.
Companies are not only buying into SaaS (software as a service) more than ever, they are also ripping out legacy on-premises applications and replacing them with SaaS, according to analyst firm Gartner.
Tablet trade-in queries plummeted by 45% when Apple introduced its new iPad Mini, hinting that the smaller Apple device is not significantly cannibalizing sales of the larger tablet, an electronics recycling firm said.

Our thoughts are with friends and family of Brad Smith
CSO (blog)
I want to take a moment and say a few things about Brad Smith, an infosec professional who has had a big influence on the community. He suffered a devastating stroke at last year's Hacker Halted conference in Miami as he was delivering a talk, and his ...

The Oxford Deluxe app exposes software pirates by auto-posting tweets in their names. Sometimes wrongly so
Re: rssh security announcement
US-CERT is warning of a backdoor in network printers manufactured by Samsung that allows attackers to take complete control of the systems and also gives them access to other parts of the network
[SECURITY] [DSA 2578-1] rssh security update
A group of hackers leaked email contact information of experts working with the International Atomic Energy Agency after breaking into one of the agency's servers.
Amazon.com has opened its Maps API to all Kindle developers, who can now use it to integrate maps in their applications for the Kindle Fire family of tablets.
A Dutch court has banned sales of Samsung Electronics' Galaxy products that infringe on an Apple patent describing a way to scroll through a photo gallery using a touchscreen.
Dragon NaturallySpeaking is the premiere voice-recognition software package. Its latest version adds additional accuracy.
Valuable data stored in the cloud is sure to be a target. What can be done to make it harder to steal?
Sharp will start selling the industry's thinnest 4K monitor, a 32-inch LCD screen that is just 3.5mm thick, in February.
A group of attackers intruded into the IAEA's computer system, stole scientists' personal contact details and published them on the net. The group has demanded that Israel's nuclear reactor at Dimona be investigated by an independent body

libotr2 Package Multiple Heap Based Buffer Overflow Vulnerabilities


Geek Researcher Spends Three Years Living With Hackers
You know, like Infosec, and the transgressive tradition, and — a little later on — the hardware explosion. And that became the focus of my teaching. Because while the book is on open source, I wanted to grapple with and grasp the different dimensions ...

A little more than a year after Mozilla debuted a customized version of Firefox starring Microsoft's Bing search engine, the open-source developer on Tuesday shipped another Microsoft tie-in, Firefox with MSN
Rackspace stands apart with familiar tools, open standards, and enterprise-grade support
Yet another XSS vulnerability is found on a Yahoo site and the discovery is being sold on the black market at a knock-down price giving an insight into how exploits are priced

rssh Command Line Filtering Multiple Remote Arbitrary Command Execution Vulnerabilities

Posted by InfoSec News on Nov 28


By Aliya Sternstein
November 27, 2012

A previously classified 2007 National Academies report on power grid
vulnerabilities that, coincidentally, was declassified mid-November when
many Hurricane Sandy victims remained in the dark after widespread power
outages, stated that cyberattacks, unlike...

Posted by InfoSec News on Nov 28


By Dan Goodin
Ars Technica
Nov 27 2012

Hackers inserted malicious code into the open-source Piwik analytics
software after compromising the Web server used for downloads.

Piwik boasts more than 1.2 million downloads and the program's
maintainers are warning those who installed Piwik 1.9.2 during an
eight-hour window on Monday...

Posted by InfoSec News on Nov 28


By Noah Shachtman
Danger Room

A slew of American officials have blamed Iran for attacks on the servers
of Bank of America, Wells Fargo, HSBC, and other western banks. But the
hackers taking credit for the sophisticated distributed
denial-of-service strikes say that’s all wrong; they claim they hit the
financial institutions because they were...

Posted by InfoSec News on Nov 28


By John Leyden
The Register
28th November 2012

Serious security holes in the website of Companies House - the UK
database of corporate information - have exposed sensitive data and
create the risk of corporate identity theft, security consultants warn.

The UK government agency maintains that alleged security flaws
identified by researcher Paul Moore are either in the...

Posted by InfoSec News on Nov 28


By Andy Greenberg
Forbes Staff

Whoever robbed Janet Wolf’s hotel room did his work discreetly.

When Wolf returned to the Hyatt in Houston’s Galleria district last
September and found her Toshiba laptop stolen, there was no sign of a
forced door or a picked lock. Suspicions about the...
Tor Remote Denial of Service Vulnerability